Netflow management
ip netflow export
This command enables the export of Netflow statistics on a network interface.
The use of a negative form (no) of the command disables the export of Netflow statistics on a network interface.
Syntax
[no] ip netflow export
Parameters
The command does not contain parameters.
Required privilege level
15
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-SERIAL
CONFIG-PORT-CHANNEL
CONFIG-CELLULAR-MODEM
CONFIG-E1
CONFIG-MULTILINK
CONFIG-VTI
CONFIG-GRE
CONFIG-IP4IP4
CONFIG-BRIDGE
CONFIG-LT
CONFIG-PPPOE
Example
esr(config-if-gi)# ip netflow exportnetflow active-timeout
This command sets the interval after which information about active sessions is exported to the collector.
The use of a negative form (no) of the command sets the default value.
Syntax
netflow active-timeout <TIMEOUT>
no netflow active-timeout
Parameters
<TIMEOUT> – delay before sending information about active sessions, set in seconds, takes the value [5..36000].
Default value
1800 seconds
Required privilege level
15
Command mode
CONFIG
Example
esr(config)# netflow active-timeout 30netflow collector
The command is used to set partnership relations between NTP servers and to switch to CONFIG-NTP command mode.
The use of a negative form (no) of the command removes a specific carrier information.
Syntax
[no] netflow collector <ADDR> [ vrf <VRF> ]
Parameters
<ADDR> – collector IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255];
<VRF> – VRF instance name, set by the string of up to 31 characters.
Required privilege level
15
Command mode
CONFIG
Example
esr(config)# netflow collector 10.100.100.1
esr(config-netflow-host)#netflow domain-id
This command sets Observation Domain IP value in Netflow packets.
The use of a negative form (no) of the command sets the default value.
Syntax
netflow domain-id <ID>
no netflow domain-id
Parameters
<ID> – Observation Domain ID value, takes the value [0..4294967295].
Default value
0
Required privilege level
10
Command mode
CONFIG
Example
esr(config)# netflow domain-id 35netflow enable
This command enables Netflow on the router.
The use of a negative form (no) of the command disables Netflow on the router.
Syntax
[no] netflow enable
Parameters
The command does not contain parameters.
Default value
Process disabled.
Required privilege level
15
Command mode
CONFIG
Example
esr(config)# netflow enablenetflow export-events web-proxy
This command enables transmission of netflow statistics on packets transmitted via web proxy.
The use of a negative form (no) of the command sets the default value.
Syntax
[no] netflow export-events web-proxy
Parameters
The command does not contain parameters.
Default value
Disabled.
Required privilege level
15
Command mode
CONFIG
Example
esr(config)# netflow export-events web-proxynetflow export-options
This command enables additional fields in the information exported to the collector.
The use of a negative form (no) of the command sets the default value.
Syntax
[no] netflow export-options { http-host | http-url }Parameters
http-host – for HTTP/HTTPS sessions, the domain information of the host to which the HTTP request was sent will be added. The field in the Netflow packet has the identifier 24884, 128 bytes.
http-url – for HTTP sessions information about the URL to which the HTTP request was sent will be added. The field in the Netflow packet has the identifier 24887, 384 bytes.
Default value
Disabled.
Required privilege level
15
Command mode
CONFIG
Example
esr(config)# netflow export-options http-hostnetflow inactive-timeout
This command sets the interval after which information about outdated sessions is exported to the collector.
The use of a negative form (no) of the command sets the default value.
Syntax
netflow inactive-timeout <TIMEOUT>
no netflow inactive-timeout
Parameters
<TIMEOUT> – delay before sending information about outdated sessions, set in seconds, takes the value [0..240].
Default value
15
Required privilege level
15
Command mode
CONFIG
Example
esr(config)# netflow inactive-timeout 30netflow max-flows
This command sets the maximum number of watched sessions.
The use of a negative form (no) of the command sets the default value.
Syntax
netflow max-flows <COUNT>
no netflow max-flows
Parameters
<COUNT> – number of watched sessions, takes the value [10000..2000000].
Default value
512000
Required privilege level
10
Command mode
CONFIG
Example
esr(config)# netflow max-flows 300000netflow refresh-rate
This command sets the frequency of sending templates to the Netflow collector.
The use of a negative form (no) of the command sets the default value.
Syntax
netflow refresh-rate <RATE>
no netflow refresh-rate
Parameters
<RATE> – frequency of sending statistics, is set in packets per stream, takes the value [1..10000].
Default value
10
Required privilege level
10
Command mode
CONFIG
Example
esr(config)# netflow refresh-rate 100netflow version
The command sets Netflow protocol version.
The use of a negative form (no) of the command sets the default value.
Syntax
netflow version <VERSION>
no netflow version
Parameters
<VERSION> – Netflow protocol version: 5, 9 and 10.
Default value
9
Required privilege level
15
Command mode
CONFIG
Example
esr(config)# netflow version 10port
This command defines the port of the Netflow service on the statistics collection server.
The use of a negative form (no) of the command sets the default value.
Syntax
port <PORT>
no port
Parameters
<PORT> – UDP port number, set in the range of [1..65535].
Default value
2055
Required privilege level
15
Command mode
CONFIG-NETFLOW-HOST
Example
esr(config-netflow-host)# port 5555show netflow configuration
The command displays Netflow agent configuration parameters.
Syntax
show netflow configuration
Parameters
The command does not contain parameters.
Required privilege level
1
Command mode
ROOT
Example
esr# show netflow configuration
Netflow configuration:
Global state: Enabled
Version: 9
Maxflows: 10001
Refresh rate: 10
Inactive timeout: 15
Host: 115.0.0.10 Port: 2055show netflow statistics
This command displays current information about the operation of Netflow.
Syntax
show netflow statistics
Parameters
The command does not contain parameters.
Required privilege level
1
Command mode
ROOT
Example
esr# show netflow statistics
Flows: active 9 (peak 34 reached 1d4h20m ago), mem 3841K
Hash: size 491496 (mem 3839K). InHash: 760 pkt, 339 K, InPDU 4, 160.
Processed rate Bits/s Packets/s
-------------- -------------- ---------------
Current 5142 2
1 Min Avg 4921 0
5 Min Avg 4874 0
Export: Rate 0 bytes/s; Total 3952 pkts, 3 MB, 28818 flows; Errors 2 pkts; Traffic lost 0 pkts, 0 Kbytes, 0 flows.show netflow statistics cpu
This command displays statistics on the distribution of Netflow load information on the CPU.
Syntax
show netflow statistics
Parameters
The command does not contain parameters.
Required privilege level
1
Command mode
ROOT
Example
esr# show netflow statistics cpu
Traffic, Traffic, Drop, Drop,
cpu PPS Packets MBytes Packets KBytes
----- ------- ------------ -------- ------------ --------
Total 1 215224 61 0 0
cpu0 0 0 0 0 0
cpu1 0 10485 0 0 0
cpu2 0 2676 0 0 0
cpu3 0 12893 0 0 0
cpu4 0 0 0 0 0
cpu5 1 106264 53 0 0
cpu6 0 2684 0 0 0
cpu7 0 10213 0 0 0
cpu8 0 6770 0 0 0
cpu9 0 5424 0 0 0
cpu10 0 2505 0 0 0
cpu11 0 10919 1 0 0
cpu12 0 13395 0 0 0
cpu13 0 2769 0 0 0
cpu14 0 14050 0 0 0
cpu15 0 14177 1 0 0source-address
This command defines the IP address of the router that will be used as the source IP address in packets sent by Netflow.
The use of a negative form (no) of the command removes a specified source IP address.
Syntax
source-address <ADDR>
no source-address
Parameters
<ADDR> – source IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255];
Required privilege level
15
Command mode
CONFIG-NETFLOW-HOST
Example
esr(config-netflow-host)# source-address 10.100.100.2